Kkokkio Alarm Privacy Policy
Effective Date of Privacy Policy: 2024-02-14
Personal Information. Thoroughly, Safely, Meticulously. 🔒
Team KKOKKIO of Rdod Corporation (hereinafter referred to as "company"), which provides Kkokkio Alarm, complies with the 「Personal Information Protection Act」 and related laws to protect the personal information and rights of data subjects. The company is committed to handling personal information lawfully and managing it securely.
Accordingly, in accordance with Article 30 of the 「Personal Information Protection Act」, the company establishes and discloses the following privacy policy to help data subjects quickly and smoothly handle related grievances.
| Article 1 (Purpose of Processing Personal Information, Items Collected, Retention and Usage Period)
① The personal information processed by the company, the purpose of processing, items collected, retention and usage period are as follows.
1. Category (Task Name): Membership Registration and Management / Purpose of Processing: Personal identification and authentication, maintenance and management of membership qualifications, prevention of fraudulent membership and use / Items Processed (Required): Name, age, mobile phone number, password, gender, date of birth, profile ID, email (for KakaoTalk registration), KakaoTalk profile picture (for KakaoTalk registration) / Retention and Usage Period: Until membership withdrawal
2. Category (Task Name): Automatically Collected Information / Purpose of Processing: Statistics and analysis of web/app visits, utilization of service elements / Items Processed (Required): IP address, OS type, device type / Retention and Usage Period: Until membership withdrawal
② The personal information being processed will not be used for purposes other than those specified above. If the purpose of processing changes, necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act will be implemented.
③ The company processes and retains personal information within the period of retention and use agreed upon by the data subject at the time of collection or as required by relevant laws. However, personal information may be retained until the end of the following periods.
1. When investigations or inquiries related to violations of relevant laws are ongoing, until the end of such investigations or inquiries
2. When there are remaining debts or claims related to the use of the website, until the settlement of such debts or claims
3. When retention is required by relevant laws, until the end of such periods
● Communications Privacy Protection Act: Communication confirmation data such as website visit records (3 months)
● Electronic Commerce Act: Records on contracts or withdrawal of subscriptions (5 years)
● Electronic Commerce Act: Records on payment and supply of goods (5 years)
● Electronic Commerce Act: Records on consumer complaints or dispute resolution (3 years)
● Electronic Commerce Act: Records on display and advertising (6 months)
● Information and Communications Network Act: Records on identity verification (6 months)
| Article 2 (Entrustment of Personal Information Processing)
① The company entrusts personal information processing tasks to ensure smooth processing as follows.
1. Trustee: Infobank / Entrusted Task: Sending notification messages
2. Trustee: Channel Corporation / Entrusted Task: Customer service operation through Channel Talk
3. Trustee: Naver Cloud / Entrusted Task: Cloud server provision and management
4. Trustee: Amazon Web Services / Entrusted Task: Cloud server provision and management
5. Trustee: Google / Entrusted Task: User behavior analysis using Google Analytics, Firebase Analytics
| Article 3 (Procedures for Destruction of Personal Information)
① The company destroys personal information without delay when the retention period has expired, the processing purpose has been achieved, or the personal information is no longer necessary.
② If personal information needs to be retained even after the retention period has expired or the processing purpose has been achieved due to other laws, it will be transferred to a separate database or stored in a different location.
③ The procedures and methods for destroying personal information are as follows.
1. Destruction Procedure: Select personal information to be destroyed, obtain approval from the personal information protection officer, and then destroy the personal information.
2. Destruction Method: Personal information recorded and stored in electronic file format is destroyed so that it cannot be reproduced, and personal information recorded and stored in paper documents is shredded or incinerated.
| Article 4 (Rights and Obligations of Data Subjects and Their Legal Representatives and How to Exercise Them)
① Data subjects (including legal representatives for those under the age of 14) can exercise the following personal information protection rights at any time.
1. Request to access personal information
2. Request to correct errors, if any
3. Request to delete
4. Request to suspend processing
② The exercise of rights under Paragraph 1 can be made in writing, by email, or by fax according to the form prescribed in Form 8 of the Enforcement Rules of the Personal Information Protection Act. The company will respond promptly to such requests.
③ If a data subject requests correction or deletion of personal information due to errors, the personal information will not be used or provided until the correction or deletion is completed.
④ The exercise of rights under Paragraph 1 can be made through a legal representative or an agent. In this case, a power of attorney in accordance with Form 11 of the Enforcement Rules of the Personal Information Protection Act must be submitted.
⑤ Requests for access to personal information and suspension of processing may be restricted under Articles 35(4) and 37(2) of the Personal Information Protection Act.
⑥ Requests for correction and deletion cannot be made if other laws specify that the personal information must be collected.
⑦ When requesting access, correction, deletion, or suspension of processing, the identity of the person making the request or their legitimate representative will be verified.
| Article 5 (Measures to Ensure the Security of Personal Information)
① The company takes the following measures to ensure the security of personal information.
1. Administrative Measures: Establishment and implementation of an internal management plan, operation of a dedicated organization, regular security education
2. Technical Measures: Management of access rights to personal information processing systems (application of Zero Trust system), installation of access control systems, encryption of personal information, installation and updating of security programs for employees
| Article 6 (Installation, Operation, and Refusal of Automatic Collection Devices for Personal Information)
① The company uses "cookies" for the following purposes. Cookies are small amounts of information sent by the server (https) used to operate the website to the user's computer browser or mobile application, which are stored on the user's internal hard disk or mobile device.
1. Purpose of using cookies: Maintaining login status, maintaining user's environment settings, analyzing service usage statistics for service improvement, providing customized services, analyzing interest areas for targeted marketing, identifying participation levels in various events, providing convenience features
2. Disadvantages of refusing cookies: Difficulty in providing optimized services and information to users. Difficulty in using customized services. Difficulty in using some services that require login.
3. How to refuse the installation and operation of cookies: Depending on the type of browser app, cookies can be refused as follows.
- View cookie settings for Chrome
- View cookie settings for Microsoft Edge
- View cookie settings for Safari
② The company uses "web log analysis tools" that automatically collect and analyze visit records and access methods when users access the website/app to provide a better user experience. In some cases, the company may entrust web log analysis tasks to third parties, and personal information collected in the process may be transferred abroad. You can check the details in the "Entrustment of Personal Information Processing" section.
1. Purpose of using web log analysis tools: Analyzing service usage statistics for service improvement, providing customized services and benefits, providing customized advertisements
2. How to refuse and block web log analysis tools
- View Google Analytics
- View Firebase Analytics
3. Disadvantages of refusal: No disadvantages in using the service. However, it may affect statistical analysis for service improvement.
| Article 7 (Matters Concerning the Collection, Use, and Refusal of Behavioral Information)
① The company does not collect, use, or provide behavioral information for online customized advertisements.
| Article 8 (Personal Information Protection Officer and Request for Access to Personal Information)
① The company designates the following personal information protection officer to oversee and be responsible for personal information processing tasks and to handle complaints and relief for data subjects related to personal information processing.
② Data subjects can contact the personal information protection officer and the relevant department for all inquiries, complaints, and requests for relief related to personal information protection while using the company's services. The company will respond and process inquiries without delay.
1. Personal Information Protection Officer: Hyungbin Choi (Personal Information Protection Officer/CEO)
2. Personal Information Department: Product Division
3. Personal Information Access Window: Operation Division
4. Contact: Kkokkio Alarm Customer Service (Chat Consultation on the Website)
| Article 9 (Remedies for Infringement of Data Subject Rights)
① The company makes every effort to protect the personal information of data subjects. If data subjects wish to seek remedies for personal information infringement, they can apply for dispute resolution or consultation with the Personal Information Dispute Mediation Committee, the Personal Information Infringement Reporting Center of the Korea Internet & Security Agency, etc. For other personal information infringement reports and consultations, please contact the following institutions.
1. Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
2. Personal Information Infringement Reporting Center: 118 (privacy.kisa.or.kr)
3. Supreme Prosecutors' Office: 1301 (www.spo.go.kr)
4. National Police Agency: 182 (ecrm.cyber.go.kr)
② Under Articles 35 (Access to Personal Information), 36 (Correction and Deletion of Personal Information), and 37 (Suspension of Personal Information Processing, etc.) of the Personal Information Protection Act, if data subjects are infringed upon by a disposition or omission by the head of a public institution, they may request an administrative trial in accordance with the Administrative Appeals Act.
※ For detailed information on administrative trials, please refer to the Central Administrative Appeals Commission (http://www.simpan.go.kr/).
③ For inquiries regarding the protection and processing of personal information, you can use the 118 Customer Center operated by the Korea Internet & Security Agency.
※ Phone Inquiry: 118 (extension 2 within ARS), Email Inquiry: [email protected]
| Article 10 (Changes to the Privacy Policy)
① This privacy policy is effective from July 27, 2023.